1. Field of the Invention
The present invention relates to data security.
2. Description of the Related Art
Many different types of data security measures are known. Presently, most widespread data security measures are based on public-key encryption. Public-key encryption is described, for example, in U.S. Pat. No. 4,218,582, incorporated herein by reference. Other patents relating to public-key encryption include U.S. Pat. Nos. 4,200,770; 4,405,829; 4,424,414 and 4,995,082, all of which are incorporated herein by reference.
One of the reasons for the relative prominence of public-key cryptography is that it solves the problem of key distribution in an elegant fashion.
Prior to public-key cryptography, symmetric-key cryptography required use of the identical key to decrypt the file as was used to encrypt the file. Hence, the key had to be communicated in secrecy between users. In public-key encryption, the encryption and the decryption keys are separate, with the encryption key being publicly known and the decryption key being kept secret. Public-key encryption may also be used for authentication.
Despite the important advantage of not requiring secure key distribution, public-key cryptography also suffers from various disadvantages. Administration is typically required to ensure that unique public-keys are assigned to each user. A person's public-key must be listed in a directory, and must be found in the directory prior to encrypting a message. The computational burden of public-key cryptography is significant both in generating random prime numbers for use as keys and in encryption and decryption processing itself. Furthermore, despite the computational complexity, public-key encryption using medium size keys has been shown to be insecure given the tremendous network computing resources that may be brought to bear on breaking the encryption.
What is needed, then, is a data security mechanism that surpasses in security present public-key cryptography methods and that minimizes the computational burden involved.